close
close
Your Network of Tomorrow
Your Network of Tomorrow
Plan your path toward a faster, more secure, and more resilient network designed for the applications and users that you support.
          Experience Netskope
          Get Hands-on With the Netskope Platform
          Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            A Leader in SSE. Now a Leader in Single-Vendor SASE.
            A Leader in SSE. Now a Leader in Single-Vendor SASE.
            Netskope debuts as a Leader in the Gartner® Magic Quadrant™ for Single-Vendor SASE
              Securing Generative AI for Dummies
              Securing Generative AI for Dummies
              Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
                Modern data loss prevention (DLP) for Dummies eBook
                Modern Data Loss Prevention (DLP) for Dummies
                Get tips and tricks for transitioning to a cloud-delivered DLP.
                  Modern SD-WAN for SASE Dummies Book
                  Modern SD-WAN for SASE Dummies
                  Stop playing catch up with your networking architecture
                    Understanding where the risk lies
                    Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
                        The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
                        Netskope One Private Access is the only solution that allows you to retire your VPN for good.
                          Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                          Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                            Netskope GovCloud
                            Netskope achieves FedRAMP High Authorization
                            Choose Netskope GovCloud to accelerate your agency’s transformation.
                              Let's Do Great Things Together
                              Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.
                                Netskope solutions
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.
                                  Netskope Technical Support
                                  Netskope Technical Support
                                  Our qualified support engineers are located worldwide and have diverse backgrounds in cloud security, networking, virtualization, content delivery, and software development, ensuring timely and quality technical assistance
                                    Netskope video
                                    Netskope Training
                                    Netskope training will help you become a cloud security expert. We are here to help you secure your digital transformation journey and make the most of your cloud, web, and private applications.

                                      CASB Gets Center Stage at Gartner’s Security & Risk Management Summit

                                      Jun 16 2017
                                      Tags
                                      CASB
                                      Cloud Best Practices
                                      Cloud Security
                                      Gartner Events
                                      Tools and Tips
                                      Word on the Street

                                      Three years ago this week I attended the first Gartner Security & Risk Summit at National Harbor in Maryland with Netskope. At the time Netskope’s cloud access security broker (CASB) software was a few versions old and the market was just starting to understand the extent to which cloud security would become a requirement. Discussions with prospective customers were often a cross between denial and skepticism and the sessions on CASB could be counted on one hand.

                                      As we wrap up this year’s show I can share that things are much different. The security community is now fully onboard with the need for a CASB and Gartner has ( for the second year) called CASB one of several Top Technologies for Security Professionals in 2017. In the sessions from analysts, the mention of CASB was not limited to those covering cloud security alone — it has extended into adjacent category discussions, making it a full-fledged member of the security ecosystem. CASB took center stage during several moments of the opening keynote and as Neil MacDonald pointed out during a later session, CASB is now starting its ascent out of the “Trough of Disillusionment” in the Hype Cycle for Cloud Security — a sign of maturity that many categories never make it to. I’ll stop short of saying CASB is mainstream, considering market penetration is less than 10% today, but it’s certainly a hot space.

                                      In the exhibit hall, the discussions are now about “when,” instead of “if,” buyers will implement a CASB. Coupled with that, however, is a frustration on the part of buyers who are trying to discern the difference between several vendors in the space. At Netskope we’ve heard this frustration and have worked to cut through the noise with key fundamentals and use cases. Here are some examples:

                                      Fundamentals:

                                      1. Does the CASB have a context engine that sees granular usage details for thousands of cloud services (SaaS, IaaS)? (e.g., upload, download, share, view, edit for every cloud service you choose to sanction, block, or permit in your enterprise)
                                      2. Is the CASB a true “multi-mode CASB” (recommended by Gartner) or does it fall down when trying to address unsanctioned cloud service usage via mobile, remote, or clients? (Note the announcement from Google this week where they will enable backup of an entire workstation to Drive or the Box announcement of Box Drive that streams files to your desktop rather than syncing them down — will your CASB be able to support these things? You should ask)
                                      3. Are you being asked to skip a proof of concept and simply trust a vendor’s ability to address all use cases? Netskope always recommends a proof of concept. Why? The cloud is fundamentally different and a POC brings the contrast between vendors into stark relief.
                                      4. Is the vendor an app vendor and a security vendor? Would you buy their security software if you weren’t using their apps? What happens to your cloud security strategy if your employees want to use an app that competes with their apps? Does their security work in that case? How long does it take for them to update security for competing apps vs. their own?

                                      Use Cases:

                                      1. Can the CASB distinguish between corporate and personal instances of the same cloud service? (e.g., deliver OneDrive security irrespective of whether or not it’s a corporate or personal instance)
                                      2. Will the CASB prevent data exfiltration from your sanctioned cloud service to cloud services that are unsanctioned?
                                      3. Is your enterprise using IaaS services and building custom apps? Does your CASB allow you to monitor usage and provide granular policy control over these services?
                                      4. Does the CASB allow enforcement at the activity level based on specific conditions? (e.g., allow sharing of sensitive information with employees as long as they are doing so from a secure device and network)
                                      5. Is applying governance based on device ownership important to you? (i.e., should employees be able to view sensitive data from a kiosk PC at a hotel?)

                                      If you visited the Netskope booth, I hope that you were asked one of these questions and that it helped as you considered your CASB project – irrespective of where you are in that process.

                                      A parting thought: if you missed us, please don’t hesitate to reach out or review some of the content we’ve provided to help with your selection process. Finally – if you attended Gartner Security & Risk Management Summit this year, we’d love to hear your thoughts.

                                      author image
                                      Netskope Staff
                                      Browse recent articles by Netskope Staff. Discover the latest trends and updates within the cloud and network space.
                                      Browse recent articles by Netskope Staff. Discover the latest trends and updates within the cloud and network space.

                                      Stay informed!

                                      Subscribe for the latest from the Netskope Blog